This chapter provides you with the necessary information to use the ASDM Startup Wizard to perform the initial configuration of your network. It provides a step-by-step procedure explaining how to use the ASDM Startup Wizard to set up the initial configuration for your ASA/PIX Security Appliance.

This chapter is from the book

This chapter is from the book

This chapter provides you with the necessary information to use the ASDM
Startup Wizard to perform the initial configuration of your network. There are
three major sections in this chapter.

This chapter addresses the following topics:

Introduction to the ASDM Startup Wizard—This first
section provides a brief overview of the ASDM Startup Wizard and its
capabilities.

Understanding the Basic Network Topology—The second
section is a discussion of your basic network topology, explaining some
high-level concepts of IP addressing and how it's used in configuring your
network. The intent is to give you the basic concepts to enable you to easily
move ahead with your firewall and Internet deployment.

Using the ASDM Startup Wizard to Configure Your
Network—The third section is the bulk of the chapter and is a
step-by-step tutorial on how to use the wizard to configure your firewall.

This chapter is a step-by-step procedure explaining how to use the ASDM
Startup Wizard to set up the initial configuration for your ASA/PIX Security
Appliance.

These steps are intended to show you how to achieve secure connectivity to
the Internet. After completing these steps, you will have access to the
Internet. In addition, you will be protected from both Internet-sourced attacks
against the hosts on the inside of your network and denial-of-service (DoS)
attacks against your firewall.

Chapter 6, "Deploying Web and Mail Services," covers how to
configure ASDM to advertise and secure public services such as web servers and
e-mail.

Introducing the ASDM Startup Wizard

The ASDM Startup Wizard is an easy-to-use tool that steps you through the
procedures necessary to get your firewall functional. It provides the
configurations necessary for both Internet connectivity and protection for your
network resources. The wizard queries you for all items pertinent to the
configuration of your firewall, including the following:

Inside IP addresses

Outside IP addresses

Default gateway

Domain name

Public services

Network address translations

Firewall name

Access passwords

Interface options

Inside addressing options (DHCP)

Before you begin, take a look at Table 5-1, which defines the network terms
used in the preceding list.

Table 5-1 Networking Terminology

Terminology

Definition

Inside IP address

The IP address of the inside interface of your firewall, which connects to
your internal network.

Outside IP address

The IP address of the outside interface of your firewall, which connects to
your service provider for Internet connectivity. This address is provided by
your service provider.

Default gateway

The next-hop IP address of your firewall outside interface. This is provided
by your service provider.

Domain name

This is optional. If you are providing public services, you need to identify
a domain name for those services. Either your ISP or a web registration service
provides your domain name.

Public services

These are services that you are providing to other people over the Internet.
Common public services are web servers, mail servers, or DNS servers. You can
elect not to manage your own services and have your ISP manage the services for
you.

Network address translation

This feature enables you to use private addresses inside your network and
still obtain Internet access.

Access passwords

This password allows you privileged access to your firewall.

Inside addressing options (DHCP, static)

These are IP addresses that you assign to devices on the inside of your
firewall. You have two options for configuring your inside hosts with IP
addresses: You can manually set up each address on each PC, or you can use DHCP
on the ASA/PIX Security Appliance to assign addresses for you.